Tracking fraud in the online environment is a hard problem to solve. Fraudster tactics rapidly evolve, and today's sophisticated criminal methods mean online account fraud often doesn't look like fraud at all. In fact, fraudsters can look and behave exactly like a customer might be expected to look and behave. Accurate detection is made even more difficult because today's fraudsters use multi-channel fraud methods that combine both online and offline steps, any one of which looks perfectly acceptable but when taken in combination amount to a fraudulent attack. Identifying truly suspicious events that deserve action by limited fraud resources is like finding a needle in a haystack.
Consequently, customer financial and information assets remain at risk, and the integrity of online channels is at risk. Companies simply do not have the resources to anticipate and respond to every possible online fraud threat. Today's attacks expose the inadequacies of yesterday's online fraud prevention technologies, which cannot keep up with organized fraudster networks and their alarming pace of innovation.
Reactive strategies are no longer effective against fraudsters. Too often, financial institutions learn about fraud when customers complain about losses. It is no longer realistic to attempt to stop fraudsters by defining new detection rules after the fact, as one can never anticipate and respond to every new fraud pattern. Staying in reactive mode makes tracking the performance of online risk countermeasures over time more difficult. Adequate monitoring of trends, policy controls, and compliance requirements continues to elude many institutions.
The conventional technologies that hope to solve the online fraud problem, while often a useful and even necessary security layer, fail to solve the problem at its core. These solutions often borrow technology from other market domains (e.g. credit card fraud, web analytics), then attempt to extend functionality for online fraud detection with mixed results. Often they negatively impact the online user experience.
Conventional alternatives attempting to solve the online fraud problem include multi-factor and risk-based authentication solutions and fraud rule-, fraud indicator- and fraud pattern-based transaction monitoring solutions. The multi-factor and risk-based authentication solutions are ineffective because they typically result in high false detections (false positives) and return non-actionable information. Authentication failure and the need for challenge questions are not accurate indicators of fraud, and challenge rates are too high to be acted upon by limited fraud investigation resources. Their fraud detection capabilities (e.g., device identification, cookies, etc.) do not deliver the performance required and lack the rich behavior models and account history necessary to investigate suspicious activity. Recently fraudsters have demonstrated the ability to circumvent this technology completely.
Fraud rule-, fraud indicator- and fraud pattern-based transaction monitoring solutions are generally always behind the latest fraud techniques. These solutions merely react to known threats instead of recognizing new threats as they happen. They require complicated rules development and maintenance, known fraud “truth sets” for algorithm training, and ongoing “care and feeding” maintenance to try to remain current. As a result, these solutions are unable to spot new fraud types and patterns. Once a breach occurs, most return minimal detail on any given fraud instance, little context, limited characterization of individual user behavior, no visual analytics, less granular risk scoring, and minimal forensics.